isync-mirror/NEWS

1.5.1 (2025-03-11)
==================

Improvements:

- mbsync-get-cert now supports STARTTLS; new option -s
- Zero-sized messages from IMAP Stores are now accepted
- UIDVALIDITY change recovery is now attempted even if both sides of
  the Channel are affected
- The sync summary at the end is more concise again
- Cosmetic improvements to some console output

Bug Fixes:

- Fixed IMAP INBOX not being properly recognized with some servers
- Fixed Maildir INBOX nested into Path not being implicitly listed
- Fixed crash when resuming message propagation with MaxMessages
- Fixed --list-stores hanging after synchronous error
- Fixed --dry-run without --debug-driver not being really dry
- Fixed building from pristine git clones
- Fixed building from shallow git clones


1.5.0 (2024-08-02)
==================

Compatibility Concerns:

- The reference point for relative local paths in the configuration file
  is now the file's containing directory
- Maildir Path cannot be nested into Inbox anymore (this was never documented)
- Renamed the ReNew/--renew/-N options to Upgrade/--upgrade/-u and
  Delete/--delete/-d to Gone/--gone/-g
- Superseded SSLVersions option with TLSVersions, and disabled TLS v1.0
  and v1.1 by default
- Renamed SSLType option to TLSType
- Placeholders will be now created for messages exceeding MaxSize even if they
  are flagged on the source side
- Placeholder upgrades no longer pull flag updates along unless also requested
- New messages which we are about to expunge from the source side are not
  propaged any more even if the target side would keep them
- Tunnel is now consistently assumed to be secure, so some warnings are gone

New Features:

- Changed default config & state locations to follow the XDG basedir spec;
  the old locations remain supported
- Added support for IMAP mailbox names with non-ASCII characters
- Added support for Maildir Paths with suffixes (not ending with a slash)
- Made the Channel side to expire with MaxMessages configurable
- MaxMessages and MaxSize can be used together now
- The unfiltered list of mailboxes in each Store can be printed now
- A proper summary is now printed prior to exiting.
  This includes expunges, which are now included in the progress as well.
- Added support for mirroring deletions more accurately; option ExpungeSolo
- Added new sync operation 'Old' to retry previously skipped messages
- Added --ext-exit option to indicate with the exit code whether Stores
  were modified
- Added --dry-run option

Improvements:

- Added support for the LITERAL- IMAP extension, which improves upload
  performance with f.ex. GMail somewhat
- Improved error handling when attempting to store too big messages on
  f.ex. GMail
- Malformed messages with incomplete headers will be propagated now
- A notice is now emitted if the server does not support race-free Trash
- Improved checking for invalid command lines
- Options not supported due to the build configuration are still recognized
  now, to make error messages more helpful
- The progress indicator is rate-limited now
- Various improvements to the debugging output
- Vastly extended the autotest suite

Bug Fixes:

- Worked around "unexpected EOF" error messages at end of TLS connections;
  affects f.ex. GMail
- Worked around protocol corruption issue with iCloud (mail.me.com)
- Fixed missing CAPABILITY command after logging in if the server does not
  report updated capabilities automatically (affects f.ex. MS Exchange)
- Fixed CopyArrivalDate failing on some date strings
- Fixed propagation of new messages to non-UIDPLUS servers
- Fixed Timeout being ignored by DNS host resolution
- Fixed broken Tunnel potentially causing SIGPIPE
- Fixed Tunnel leaving behind zombie processes
- Fixed expunges not being propagated at all if the first run after they
  occurred did not include --delete
- Fixed MaxMessages being exceeded when only --new was used
- Fixed messages being instantly expired despite being important when only
  --new was used
- Trash-ing failures now prevent expunging and cause a non-zero exit code
- Fixed placeholders being needlessly trashed
- Fixed TrashNewOnly and TrashRemoteNew omitting messages for which only
  a placeholder was synced
- Fixed TrashRemoteNew omitting messages which exceed MaxSize
- Fixed TrashRemoteNew not using race-free expunge
- Optimized some places with unnecessarily high CPU usage
- Fixed unnecessary network usage by non-selective uni-directional syncs when
  no placeholders are present
- Fixed crash when Patterns yields nothing when built with new compilers
- Fixed crash when all flag propagations to a mailbox failed
- Fixed handling of errors during opening mailboxes
- Removed useless "lost track of ... messages" warnings when resuming after
  an interruption
- Fixed many minor bugs in corner cases, mostly when resuming after
  interruptions


1.4.4 (2021-12-03)
==================

Bug Fixes:

- Fixed CVE-2021-3657: multiple buffer overflows on excessively large
  IMAP literals
- Fixed CVE-2021-44143: buffer overflow on header-less messages
- Fixed crash on certain malformed messages in Maildirs
- Fixed somewhat spurious notice about conflicting changes on
  messages marked as deleted


1.4.3 (2021-07-29)
==================

Improvements:

- Arbitrarily large GSSAPI authentication tokens are supported now
- Symlink loops in Maildirs are detected now


1.4.2 (2021-06-06)
==================

Improvements:

- INBOX miss-casing in Path setting is tolerated now

Bug Fixes:

- Fixed CVE-2021-3578: possible remote code execution
- Fixed crash on invalid CAPABILITY response code


1.3.6 (2021-06-06)
==================

Bug Fixes:

- Fixed CVE-2021-3578


1.4.1 (2021-02-21)
==================

Bug Fixes:

- Fixed CVE-2021-20247: IMAP LIST/LSUB path traversal vulnerability
- Fixed UIDVALIDITY change recovery potentially leading to data loss
- Fixed spurious "unexpected FETCH response" errors with some servers
- Worked around FastMail sending malformed PERMANENTFLAGS


1.3.5 (2021-02-21)
==================

Bug Fixes:

- Fixed CVE-2021-20247


1.4.0 (2021-02-03)
==================

Compatibility Concerns:

- The 'isync' compatibility wrapper was removed
- A C11 compiler is required for building now
- The validity of the config file is checked more strictly now, including:
  - Appearance of options in unexpected places
  - The capitalization of INBOX
- The new TLSv1.3 flag must be added to SSLVersions if the option is
  used, unless disabling that version is desired (which is unlikely)
- Removed support for the obsolete/insecure SSL v3
- The use of Master/Slave terminology has been deprecated

New Features:

- The IMAP '$Forwarded' / Maildir 'P' (passed) flag is supported now
- Support for configuring a TLS cipher string was added
- IMAP mailbox subscriptions are supported now
- The IMAP user query can be scripted now
- Added built-in support for the macOS Keychain
- Messages excluded by MaxSize will now result in placeholders

Bug Fixes:

- IMAP protocol errors are handled more robustly now
- Fixed support for SASL's built-in EXTERNAL mechanism
- Improved reliability of synchronization when resuming interrupted runs
- Fixed MaxSize being ignored under certain circumstances when only one of
  New and ReNew was requested
- Fixed a network inefficiency occurring with server-side mailboxes that
  receive new messages only via mbsync


1.3.4 (2021-02-03)
==================

Bug Fixes:

- Fixed regression in handling NAMESPACE 'INBOX.', introduced in v1.3.2


1.3.3 (2020-08-04)
==================

Improvements:

- PassCmd supports even bigger XOAUTH2 tokens now

Bug Fixes:

- Fixed crash on syncing multiple Channels which refer to different
  Stores which use a common IMAPAccount
- Fixed crash on IMAP connection breaking down while using -Dd


1.3.2 (2020-07-08)
==================

Improvements:

- Increased PassCmd buffer size to accommodate XOAUTH2 tokens

Bug Fixes:

- Improved SSL error handling
- Improved resilience to IMAP server bugs relating to FETCH
- Fixed handling of non-uppercase IMAP iNbOx spellings
- Fixed timeouts while uploading big messages
- Fixed parsing of NIL hierarchy delimiters in IMAP LIST responses
- Fixed crash when using Tunnel in an IPv6-enabled build
- Fixed libcrypto detection from OpenSSL 1.1+ without pkg-config
- Made --debug-crash work with Yama ptrace protection


1.3.1 (2019-05-28)
==================

Improvements:

- SSL now uses SNI, which for example GMail requires
- The perl 5.14 requirement is now made explicit

Bug Fixes:

- Fixed fallbacks for missing UIDPLUS extension (with e.g. DavMail)
- Fixed UIDVALIDITY recovery with really long Message-id headers
- Fixed GSSAPI authentication with Kerberos
- Fixed support for IMAP servers which do not sort search results (e.g.,
  poczta.o2.pl)
- Fixed CopyArrivalDate on platforms without glibc
- Fixed useless SASL warnings with certain plugins
- Improved OpenBSD support
- Fixed a bunch of compiler warnings


1.3.0 (2017-10-01)
==================

Compatibility Concerns:

- If you have Maildir sub-folders, you need to update the configuration
  to specify the naming style
- get-cert was renamed to mbsync-get-cert to avoid namespace pollution
- Attempts to enable SSL v2 now produce warnings. They were already
  ineffective due to OpenSSL having removed the support a while ago.

New Features:

- Network timeout handling has been added
- Support for proper Maildir++ and a Maildir sub-folder naming style
  without extra dots have been added
- Support for TLS client certificates was added
- Support for recovering from baseless UID validity changes was added
- The option DisableExtension for working around IMAP (server) bugs
  was added

Improvements:

- Opening an IMAP Store is now immediately canceled when the opposite
  Store failed to open

Bug Fixes:

- Fixed handling of UIDs upwards of 2^31
- Fixed mailboxes being skipped with certain combinations of Patterns
  and Path when the same IMAP Store is used in multiple Channels
- Pattern INBOX* is not complained about any more if no Path is defined
- Trashing messages now also resumes after an interruption, rather than
  starting from scratch
- Fixed spurious "TUID lost" warnings after interruption
- Fixed various corner cases when resuming syncing after interruption.
  The test suite exercises this much more thoroughly now.


1.2.3 (2017-10-01)
==================

Improvements:

- Enabled TLS 1.1 and 1.2 by default

Bug Fixes:

- Fixed cross-build with OpenSSL when using pkg-config
- Fixed GCC 7 -Wimplicit-fallthrough warnings


1.2.2 (2017-08-05)
==================

Improvements:

- Added support for OpenSSL 1.1
- IMAP UIDs up to 2^31 are now supported (as opposed to 10^9 before)

Bug Fixes:

- Fixed spurious reports about decompression errors
- Fixed error reporting in both SSL server certificate validation
  and IMAP COMPRESS support
- Fixed use of IMAP LOGIN authentication in some configurations
- Fixed handling of IMAP NAMESPACE without hierarchy delimiter
- Fixed fallback to IPv4 when the kernel is built without IPv6 support


1.2.1 (2015-11-08)
==================

Improvements:

- The dependencies on Berkeley DB and zlib (and the features they enable)
  can be explicitly disabled now
- It is now possible to nest a Maildir Store's Path into its Inbox

Bug Fixes:

- Fixed IPv6-enabled builds crashing upon host name resolution failure
- Fixed updating Maildir flags crashing on OpenBSD
- Fixed deadlocks with NFS home directories
- Fixed SASL authentication with GSS-API
- Fixed messages being uploaded again and again with some servers
- Fixed duplicate mailboxes with IMAP NAMESPACE "INBOX."
- Fixed some problems in the IMAP command submission code
- Fixed build with static libdb, libnsl, and libsocket
- Fixed -DN not implying -Dn


1.2.0 (2015-04-03)
==================

Compatibility concerns:

- The 'isync' compatibility wrapper is now deprecated
- Excess arguments in the config file are not silently ignored any more
- An IMAP Path/NAMESPACE rooted in INBOX won't be handled specially
  any more (the INBOX. prefix was never stripped).
  This means that some Master/Slave/Patterns may need adjustment.
- The SSL/TLS configuration has been re-designed.
  SSL is now explicitly enabled or disabled - "use SSL if available" is gone.
  Notice: Tunnels are assumed to be secure and thus default to no SSL.
  The use of the system certificate store can be disabled now.
- The default output is a lot less verbose now.
  The meanings of the -V and -D options changed significantly.

New Features:

- Support for SASL (flexible authentication) has been added
- Support for Windows file systems has been added by making a replacement
  for the colon configurable
- Support for compressed data transfer (IMAP COMPRESS) has been added
- Folder deletions can be propagated now
- The peak memory usage can be limited now

Improvements:

- The LITERAL+ IMAP extension will not be used any more when uploading big
  messages, to enable early rejection of big uploads
- A dysfunctional Store (e.g., bad password) will now be tried only once,
  not for every Channel it is used in

Bugfixes:

- Fixed handling of some exceptional IMAP protocol conditions
- Fixed spurious "unhandled SSL error 6" messages
- Fixed failure to create Maildir Inbox


1.1.3 (2015-04-03)
==================

Bug Fixes:

- Fixed bogus "unexpected command continuation request"
- Fixed out-of-Path INBOX never being matched by Patterns
- Fixed escaping in PassCmd in mbsyncrc.sample


1.1.2 (2015-01-18)
==================

Improvements:

- Configurations with only TLS 1.1/1.2 are now actually possible
- For security reasons, RequireSSL is not ignored anymore even when Tunnel
  is used - you'll probably need to explicitly disable it
- Maildir Stores with only Inbox but no Path are now permitted
- IMAP Stores with an explicitly empty Path are now permitted

Bug Fixes:

- Fixed acceptance of trusted SSL host certificates
- Fixed duplication of uploaded messages with some IMAP servers (in
  particular, seznam.cz)
- Fixed some memory management mistakes, some of which would cause crashes
- Fixed garbage at end of folder names when using Patterns with some servers
- Fixed Patterns misbehaving with certain server-provided namespaces


1.1.1 (2014-06-01)
==================

Bug Fixes:

- Fixed build on FreeBSD
- Several fixes relating to badly handled IMAP responses,
  including some crashes
- Fixed folder handling in isync compatibility wrapper
- Added pedantic error handling in some rather unlikely places
- Man page fixes
- Some cosmetical fixes


1.1.0 (2013-12-18)
==================

New Features:

- Added support for hierarchical mailboxes in Patterns
- Added full support for IMAP pipelining (streaming, parallelization).
  This is considerably faster especially with high-latency networks.
- Added IPv6 support
- IMAP password query can be scripted now; option PassCmd
- Message arrival dates can be propagated now; option CopyArrivalDate
- Added ExpireUnread option

Improvements:

- Data safety in case of system crashes was improved
- Faster and hopefully more reliable support for IMAP servers without
  the UIDPLUS extension (e.g., M$ Exchange)
- More automatic handling of SSL certificates
- MaxMessages was made vastly more useful

Bug Fixes:

(rumored)


1.0.6 (2013-02-20)
==================

Bug Fixes:

- Fixed CVE-2013-0289: missing SSL subject verification
- Fixed 64-bit cleanness


1.0.5 (2012-04-28)
==================

Improvements:

- In the wrapper, give the implicitly created IMAP Account config the
  name of the Store

Bug Fixes:

- Fixed crash if neither Host nor Tunnel are specified
- Fixed handling of failure to store messages
- Fixed hang after failed start_tls
- Fixed memory access error (used memcpy for overlapping regions)


1.0.4 (2008-02-23)
==================

- Bug Fixes


1.0.3 (2006-11-03)
==================

- Bug Fixes


1.0.2 (2006-02-25)
==================

- Bug Fixes


1.0.1 (2005-03-28)
==================

- Bug Fixes


1.0.0 (2004-09-15)
==================

This is essentially a rewrite. Synchronization state storage concept,
configuration and command line changed entirely.
But you needn't to worry about the upgrade, as a fully automated migration
path is provided, even for users of isync 0.7 and below.
Still, you should re-read the manual to be able to take full advantage of
the new features:

- The supported mailbox types can be freely paired now.
  A possible application of this is using a local IMAP server to access
  mailboxes that are not natively supported yet.
- Message deletions (expunges) are now propagated both ways, so there is
  no need for using mutt with maildir_trash any more
- Additional trash options added
- 'OneToOne' was replaced by something more flexible
- Added partial support for IMAP pipelining (streaming, parallelization).
  This makes flag change propagation much faster - this affects every
  message that becomes Seen/Read.


0.9.2 (2003-12-07)
==================

- Bug Fixes


0.9.1 (2003-05-07)
==================

- Bug Fixes


0.9 (2003-05-05)
================

Compatibility Concerns:

- -C now creates both local and remote boxes; the new -L and -R create
  only local/remote ones.

New Features:

- Added Tunnel directive to allow the user to specify a shell command to
  run to set up an IMAP connection in place of a TCP socket (e.g., to run
  over an SSH session)
- Added PREAUTH support (useful mostly in conjunction with Tunnel)
- Added 'OneToOne' configuration option: ignore any Mailbox specifications
  and instead pick up all mailboxes from the local MailDir and remote
  Folder, and map them 1:1 onto each other according to their names

Improvements:

- Messages marked deleted are not uploaded when we are going to expunge
- Locally generated messages are not re-fetched after uploading even if
  the UIDPLUS extension is not supported by the server
- --quiet is now really quiet


0.8 (2002-01-28)
================

Compatibility Concerns:

- In order to fix the problem where messages copied from one mailbox to
  another were not uploaded to the new mailbox, the way Isync stores the
  UID for each message needed to be changed.  As a result, you _MUST_
  delete all the messages in the local maildir box before using this
  version. Otherwise it will upload every message to the server thinking
  it is a new mail.


0.7 (2001-11-20)
================

New Features:

- Added 'MaxMessages' configuration option to allow tracking of only the
  most recently added message in the local mailbox
- Added --create (-C) command line option to force creation of the local
  maildir-style mailbox if it doesn't already exist


0.6 (2001-10-31)
================

New Features:

- Added 'Delete' configuration option to correspond to the -d command
  line option
- Added -a (--all) command line option to synchronize all mailboxes


0.5 (2001-06-13)
================

New Features:

- Updated SSL support
- Added CRAM authentication support
- Added MailDir configuration option to specify the default location of
  local mailboxes when relative paths are used
- Added support for uploading local messages to the IMAP server
- Added CopyDeletedTo configuration option to cause isync to move deleted
  messages to a particular mailbox on the server when they are expunged


0.4 (2000-12-31)
================

New Features:

- Added MaxSize configuration option to limit downloading of new messages
  from the server to less than some threshold

Improvements:

- More robust --fast option works without using \Recent flags, so the
  previous problem with multiple accesses killing these flags is no longer
  a problem
- RFC2060 obsoleted RFC822.PEEK; use BODY.PEEK[] instead which does the
  same job
- Stop requesting UID in FETCH when doing UID FETCH (RFC2060 states that
  it is automatically returned)


0.3 (2000-12-21)
================

New Features:

- Added support for building RPMs

Bug Fixes:

- Fixed failure to clean up temp maildir files when the fetch of a new
  message failed
- Fixed invalid assumption of order of the flags returned by "UID FETCH"


0.2 (2000-12-21)
================

New Features:

- Added SSL support


0.1 (2000-12-20)
================

- Initial release